/// <summary>
/// Returns the credentials that match <paramref name="filter"/>, projected to
/// <c>CredentialVM</c> view models.
/// </summary>
/// <param name="filter">Filter bound from the query string.</param>
/// <returns>
/// The result of <c>ValidationError()</c> when the filter fails validation, the result of
/// <c>NotFound</c> when the page is empty, otherwise the collection result.
/// </returns>
// NOTE(review): no authorization attribute is visible on this action in this listing;
// confirm that listing credentials is restricted by a policy declared elsewhere.
public async Task<IActionResult> GetByFilter([FromQuery] CredentialFilter filter)
{
    // Validate first and copy every failure into ModelState so ValidationError() can report it.
    var filterCheck = new CredentialFilterValidator().Validate(filter);
    filterCheck.AddToModelState(this.ModelState, null);
    if (!filterCheck.IsValid)
    {
        return ValidationError();
    }

    var resultPage = await CredentialStore.Get(filter);
    if (resultPage.IsEmpty)
    {
        return NotFound<Credential>(filter, resultPage.Total);
    }

    // Only view models leave the controller, never the stored entities.
    // NOTE(review): confirm CredentialVM does not copy secret fields (password hash/salt)
    // from Credential.
    var viewModels = new List<CredentialVM>();
    foreach (Credential item in resultPage.Items)
    {
        viewModels.Add(new CredentialVM(item));
    }

    return Collection<Credential>(filter, resultPage.Total, viewModels);
}
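/// <summary>
/// Diagnostic that round-trips a throwaway credential through <c>_credentialStore</c>:
/// writes it, reads it back, compares account and password, and always removes it again.
/// </summary>
/// <param name="log">Receives a human-readable trace of each step.</param>
/// <param name="additionalFiles">Not used by this diagnostic.</param>
/// <returns>A completed task holding <c>true</c> when the round trip matched, else <c>false</c>.</returns>
protected override Task<bool> RunInternalAsync(StringBuilder log, IList<string> additionalFiles)
{
    log.AppendLine($"ICredentialStore instance is of type: {_credentialStore.GetType().Name}");

    // Create a service that is guaranteed to be unique
    string service = $"https://example.com/{Guid.NewGuid():N}";
    const string account = "john.doe";
    const string password = "******"; // [SuppressMessage("Microsoft.Security", "CS001:SecretInline", Justification="Fake credential")]

    try
    {
        log.Append("Writing test credential...");
        _credentialStore.AddOrUpdate(service, account, password);
        log.AppendLine(" OK");

        log.Append("Reading test credential...");
        ICredential outCredential = _credentialStore.Get(service, account);
        if (outCredential is null)
        {
            log.AppendLine(" Failed");
            log.AppendLine("Test credential object is null!");
            return Task.FromResult(false);
        }

        log.AppendLine(" OK");

        if (!StringComparer.Ordinal.Equals(account, outCredential.Account))
        {
            // AppendLine, so the expected/actual values start on their own lines.
            log.AppendLine("Test credential account did not match!");
            log.AppendLine($"Expected: {account}");
            log.AppendLine($"Actual: {outCredential.Account}");
            return Task.FromResult(false);
        }

        if (!StringComparer.Ordinal.Equals(password, outCredential.Password))
        {
            log.AppendLine("Test credential password did not match!");
            log.AppendLine($"Expected: {password}");
            // The expected value is the fake constant above, but a mismatch means the store
            // returned something else. That value may be a real secret belonging to another
            // entry, so only its length goes into the log (where the log ends up is not
            // visible from this method).
            log.AppendLine($"Actual: <withheld, length {outCredential.Password?.Length ?? 0}>");
            return Task.FromResult(false);
        }
    }
    finally
    {
        // Runs on every path, including early returns and exceptions, so the fake entry
        // does not linger in the user's credential store.
        log.Append("Deleting test credential...");
        _credentialStore.Remove(service, account);
        log.AppendLine(" OK");
    }

    return Task.FromResult(true);
}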
/// <summary>
/// Test fixture setup: builds the app objects from the factory, opens the credential and
/// refresh-token stores, writes the test configuration files, and empties the Google Drive
/// account root before each run.
/// </summary>
// NOTE(review): CleanGDriveAcct() runs against whatever account "credentials.txt" and
// "refreshToken.txt" authorize, and the assertion below expects the root to be empty
// afterwards. Presumably this must be a dedicated throwaway test account; confirm, and
// keep both files out of version control.
public void Setup()
{
    mFactory = new Factory(new DefaultModuleConfiguration(), new ITModuleConfiguration());
    mObserver = (RecordingObserver)mFactory.Build<IMessageObserver>();
    mApp = mFactory.Build<IApp>();

    mFile = new DotNetFile();
    mRefreshToken = new RefreshTokenStore(mFile, "refreshToken.txt");
    mCredentials = new CredentialStore(mFile, "credentials.txt");

    // The files must exist before the stores are read below.
    var testConfig = new TestConfigurationProvider();
    testConfig.SetupCredentialsFile();
    testConfig.SetupRefreshTokenFile();
    testConfig.SetupDummyFile();

    mFileManager = new GDriveFileManager(mCredentials.Get(), mRefreshToken.Get());

    // Clean the account and verify the root listing is empty, under the Retry helper.
    // NOTE(review): the meaning of Retry's arguments (30, 125) is not visible here.
    var cleanup = new Retry(30, 125).WithWork(_ =>
    {
        mFileManager.CleanGDriveAcct();
        Assert.That(mFileManager.ListAllFilesOnRootById().ToArray(), Is.Empty);
    });
    cleanup.Start();

    mFolderManager = new FolderManager(mCredentials.Get(), mRefreshToken.Get());
}
/// <summary>
/// Looks up the credential stored for <paramref name="service"/> and
/// <paramref name="account"/> by delegating to the backing store.
/// </summary>
/// <param name="service">Service identifier passed through to the backing store.</param>
/// <param name="account">Account name passed through to the backing store.</param>
/// <returns>Whatever the backing store returns for that pair.</returns>
public ICredential Get(string service, string account)
{
    // EnsureBackingStore() runs before every access; presumably it creates or selects
    // _backingStore on first use (its body is not visible here).
    EnsureBackingStore();

    ICredential found = _backingStore.Get(service, account);
    return found;
}
/// <summary>
/// Looks up the credential stored under <paramref name="key"/> by delegating to the
/// backing store.
/// </summary>
/// <param name="key">Lookup key passed through to the backing store.</param>
/// <returns>Whatever the backing store returns for that key.</returns>
public ICredential Get(string key)
{
    // EnsureBackingStore() runs before every access; presumably it creates or selects
    // _backingStore on first use (its body is not visible here).
    EnsureBackingStore();

    ICredential found = _backingStore.Get(key);
    return found;
}
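/// <summary>
/// Authenticates a user by username or e-mail plus password, creates or refreshes the
/// matching <c>Session</c>, and issues the authentication cookie.
/// </summary>
/// <param name="form">Login form bound from the request body.</param>
/// <returns>
/// A <c>BadRequestResult</c> when no form was posted; the result of <c>ValidationError()</c>
/// for an incomplete form, a rejected attempt rate, bad credentials or an active penalty;
/// otherwise the <c>Session</c> resource.
/// </returns>
public async Task<IActionResult> Login([FromBody] SessionCreateForm form)
{
    // Is the form complete? --------------------
    if (form == null)
    {
        return new BadRequestResult();
    }

    if (string.IsNullOrEmpty(form.UsernameOrEmail))
    {
        ModelState.AddModelError(nameof(form.UsernameOrEmail), "Required");
    }

    if (string.IsNullOrEmpty(form.Password))
    {
        ModelState.AddModelError(nameof(form.Password), "Required");
    }

    if (!ModelState.IsValid)
    {
        return ValidationError();
    }

    // Is this IP allowed to attempt a login? --------------------
    // NOTE(review): throttling is keyed on RequestInfoService.RemoteIp; how that value is
    // derived is not visible here. Confirm it cannot be set by a client-supplied header.
    var attemptRateResult = await LoginAttemptLimitingService.Check(RequestInfoService.RemoteIp, LoginAttemptStore);
    if (!attemptRateResult.IsApproved)
    {
        ModelState.AddModelError("", attemptRateResult.ErrorMessage);
        return ValidationError();
    }

    // Stored only on the failure paths below.
    LoginAttempt attempt = new LoginAttempt(this.RequestInfoService.RemoteIp, DateTime.UtcNow);

    // Does the credential exist? --------------------
    // One message for "unknown user" and "wrong password", so the response body does not
    // reveal which accounts exist.
    string failedLoginMsg = "Invalid email and password combination.";
    Credential credential = null;
    bool isEmail = form.UsernameOrEmail.IsEmail();
    if (isEmail)
    {
        credential = await CredentialStore.GetByEmail(form.UsernameOrEmail);
    }
    else
    {
        credential = await CredentialStore.Get(form.UsernameOrEmail);
    }

    if (credential == null)
    {
        // NOTE(review): this path skips hashing, so it may answer faster than a wrong
        // password does; consider hashing against a dummy salt to level the timing.
        ModelState.AddModelError("", failedLoginMsg);
        await LoginAttemptStore.Create(attempt);
        return ValidationError();
    }

    // Is the password correct?
    // NOTE(review): the algorithm behind HashingUtil.GenerateHash is not visible here;
    // confirm it is a slow, salted password hash.
    string newCalculatedHash = HashingUtil.GenerateHash(form.Password, credential.PasswordSalt);

    // Compare in constant time so the response time does not depend on how many leading
    // characters of the two hashes agree. A missing hash on either side is a mismatch.
    bool passwordMatches =
        newCalculatedHash != null
        && credential.PasswordHash != null
        && System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(
            System.Text.Encoding.UTF8.GetBytes(newCalculatedHash),
            System.Text.Encoding.UTF8.GetBytes(credential.PasswordHash));
    if (!passwordMatches)
    {
        ModelState.AddModelError("", failedLoginMsg);
        await LoginAttemptStore.Create(attempt);
        return ValidationError();
    }

    // Is the user penalized?
    // Checked only after the password was verified, so ban details are shown to the
    // account holder and not to anyone who merely knows the username.
    CredentialPenalty activePenalty = await CredentialPenaltyStore.Get(credential.CredentialId, DateTime.UtcNow);
    if (activePenalty != null)
    {
        string validationMsg = null;
        if (activePenalty.EndDate.HasValue)
        {
            validationMsg = string.Format("User temporarily banned, until [{0}]. Reason: '{1}'", activePenalty.EndDate.Value.ToString(), activePenalty.Reason);
        }
        else
        {
            validationMsg = string.Format("User permanently banned. Reason: '{0}'", activePenalty.Reason);
        }

        ModelState.AddModelError("", validationMsg);
        await LoginAttemptStore.Create(attempt);
        return ValidationError();
    }

    var agent = RequestInfoService.UserAgent;

    // Does the credential already have an active session?
    // NOTE(review): the lookup is keyed on credential, device and agent; whether
    // SessionStore.Get excludes expired sessions is not visible here.
    Session session = await this.SessionStore.Get(
        credential.CredentialId,
        agent.DeviceClass,
        agent.DeviceName,
        agent.AgentName,
        agent.AgentVersion);
    if (session != null)
    {
        session.LastActiveDate = DateTime.UtcNow;
        // The expiration is extended only for sessions that allow self-renewal.
        if (session.AllowSelfRenewal)
        {
            session.ExpirationDate = session.LastActiveDate.AddDays(1);
        }

        await SessionStore.Update(session);
    }
    else
    {
        // Create the session
        session = new Session();
        session.CredentialId = credential.CredentialId;
        session.LoginDate = DateTime.UtcNow;
        session.ExpirationDate = DateTime.UtcNow.AddDays(1);
        session.LastActiveDate = session.LoginDate;
        session.AllowSelfRenewal = form.IsRememberLogin;
        session.Device = new UserDevice(agent.DeviceClass, agent.DeviceName);
        session.Agent = new UserAgent(agent.AgentName, agent.AgentVersion);
        await SessionStore.Create(session);
    }

    // Authenticate
    // check if we are in the context of an authorization request
    // (ReturnUrl is used only for this lookup; this method does not redirect to it.)
    var context = await _interaction.GetAuthorizationContextAsync(form.ReturnUrl);
    await _events.RaiseAsync(new UserLoginSuccessEvent(credential.DisplayName, credential.CredentialId, credential.DisplayName, clientId: context?.ClientId));

    // only set explicit expiration here if user chooses "remember me".
    // otherwise we rely upon expiration configured in cookie middleware.
    AuthenticationProperties props = null;
    if (form.IsRememberLogin)
    {
        props = new AuthenticationProperties
        {
            IsPersistent = true,
            ExpiresUtc = DateTimeOffset.UtcNow.Add(TimeSpan.FromHours(8))
        };
    }

    // issue authentication cookie with subject ID and username
    var isuser = new IdentityServerUser(credential.CredentialId)
    {
        DisplayName = credential.DisplayName
    };
    await HttpContext.SignInAsync(isuser, props);

    // Return the Session resource
    return Element<Session>(session);
}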